Monday, August 19, 2013

So browsing around the Internet, I found a comment by someone discussing email privacy. They suggested an act of protest regarding the NSA and their email (among other things) spying. I thought the idea was so good, I'd share it with you and even show you how to do it.

The NSA current keeps track of many things, way too many for me to list and we probably don't know everything that they do yet. One thing we do know is that they track email "metadata" and if an email contains anything encrypted, they keep it on a permanent or semi-permanent basis in order to decrypt it later. No warrant, no reasonable suspicion, nothing. They consider encryption to be suspicious in of itself. Even with the resources of the US government, no agency could track all traffic on the Internet or store everything, there's just far too much.

That brings me to the idea itself. What if we used something like TrueCrypt to create a small, encrypted file and attached it to all outgoing emails we send? These would likely be snatched up by the NSA for decryption at a later date, if and when it becomes possible to do without decades of computing time. If even a TINY percentage of Internet users did this, they would be up to their ears in encrypted files that contained... nothing.

I think this is a brilliant idea and I'll be doing this myself. I suggest you do, too. So here's a guide on how to set this up if you're interested.

Note: This is for Windows only, using TrueCrypt. The same idea would work with any OS or any program that allowed you to encrypt a file or container of files.

Step 1: Download and install TrueCrypt.

Head on over to truecrypt.org and download the program. Click "Downloads" at the top of the page and then select the version appropriate for your OS. Download it and run the file. Follow the instructions and finish.

Step 2: Create an encrypted container.

Now that you have TrueCrypt installed, open it up.

Click "Volumes" then "Create New Volume..."

The first option, "Create an encrypted file container" should be selected automatically, if not, select it and click "Next".

If "Standard TrueCrypt volume" isn't selected by default, select it and hit "Next".

Click "Select File..." then go to whatever folder you want to create the encrypted contained in and enter a name for the container. You can name it anything, with any extension or none. Waffles.jpg, stuff.doc, anything.mov or just plain BISCUITS. It really doesn't matter. After you've picked a folder and entered the name of the container, click "Save" then click "Next"

For the Encryption Algorithm, any will work but I recommend either AES-Twofish-Serpent or Serpent-Twofish-AES, just for the added complexity. As for the Hash Algorithm, any should be fine. Once you've made your selections on this page, click "Next"

Now we pick the size of the container. You'll want it to be small, so that sending emails doesn't take a long time. It should be big enough to contain whatever you want to put in it. Make a copy of the US constitution, a note from you to the NSA or something like that. You probably don't want it more than 1 or 2 MB. We'll set it to 1 MB. Click "Next"

Now we set a password. This should be a good one. TrueCrypt supports up to 64 characters for passwords, so let's do that. You can simply roll your face on the keyboard or type random characters, whatever works for you. Whatever it is, make sure it's 64 characters long and is a combination of letters, numbers, spaces and special characters. When you've got a nice looking one in the top box, copy it and then paste it into the second box.

We're also going to use a keyfile. You can even use multiple keyfiles if you want. TrueCrypt will take data from the keyfile(s) to strengthen the encryption, so why not? Check the "use keyfiles" box then click the "Keyfiles..." button. Click "Add Files..." and select one file, or multiple files. After that's done, click "OK"

The next window will take random data from your mouse movements in the window to help make the encryption more secure. Move your mouse randomly within the window for a few seconds, then click "Format" And... that's it. You did it. Click "Exit"

Step 3: Attach this file to your outgoing emails.

Now, whenever you send an email, attach this file. You might want to avoid sending it to companies or businesses as they might be suspicious of random files being sent to them, and rightly so. But if you send an email to a friend or family member, attach the file. You might even want to change the name of the file every now and then.

Let the NSA get hundreds or thousands of useless, encrypted files that they will save for who knows how long. And if they actually do manage to get a system powerful enough to start decrypting them? Congratulations, you just wasted their time and resources! If they want to invade our privacy and destroy our 4th amendment rights, let's make them work for it.

And this isn't limited to Americans, if you're from another country you can do this when emailing anyone in the USA, the NSA will pay just as much attention to that, maybe more.

Thursday, August 8, 2013

With the NSA bullshit lighting the Internet up like a Christmas tree, I'm here to ask you something. As an American citizen, I'm asking you to COMPLETELY avoid doing business with any American company that handles data such as an email provider or any other "cloud" service. We simply cannot be trusted to keep anyone's data private.

I have a link near the top of the page, PRISM Break, with a lot of info on how to have some actual privacy online. Of course, nothing is perfect. No data online can be considered 100% safe, but you can get pretty close and should try to make it as difficult as possible for anyone to spy on you.

This doesn't just affect the USA, as the NSA spies on any communications coming into or going out of America. If you aren't in America, Petition your law makers and government officials to stop doing business with America and American companies until this mass surveillance ends. If you use any "cloud" services that are hosted in the USA, stop. If you run a business or know anyone who does, encourage them to do the same.

One of the things we, Americans, listen to is money. And if this NSA spying ends up hurting us economically, perfect. That may be the only way to make any progress towards restoring any small amount of privacy to the Internet in the short term. Until then, encrypt absolutely everything. I've already taken steps to regain some of my lost privacy, and over time I'll be doing more. I suggest you do the same.

Saturday, August 3, 2013

I've been big into YouTube lately. Of course, I'm not new to it, as I click random links to cat videos and other strange or funny things like everyone else every now and then. But I've been watching a lot more recently and have subscribed to a number of really good channels. Here are a few I would recommend, along with an example video for each.